Skip to main content

Senior Security Risk Management Engineer

Remote - United Kingdom


The Databricks Security Risk Management team’s mission is to proactively identify, manage, and monitor security risks that may impede Databricks' ability to achieve its strategic objectives, while safeguarding the confidentiality, integrity, and availability of information and physical company assets. You will be an individual contributor on this dynamic and highly effective team. 

This is a remote work opportunity within the following geographic regions. 

  • Netherlands, Great Britain / United Kingdom, Spain, Costa Rica, Brazil

You will work with a global Databricks team, spread across various locations in the US and EMEA, to conduct security risk assessments, maintain the Databricks risk register, and more.

The impact your will have:

  • Integrate security risk management across the organization
  • Determine and drive risk mitigation efforts
  • Support recurring reporting of risk program metrics to leadership
  • Manage security risk acceptance and exceptions processes
  • Maintain risk-related policy and process documents

What we look for:

We are looking for a professional with the following skills and practical experience in:

  • Designing, implementing, and managing a security risk management program and risk acceptance / security exception process
  • Building end-to-end risk scenarios specific to a company’s environment
  • Completing projects with multiple dependencies / constraints and build relationships with / manage diverse stakeholders remotely
  • Tracking and reporting key performance and risk indicators
  • Ability to clearly articulate risk concepts and results to leadership and peers
  • Excellent verbal and written communication, documentation, collaboration, analytical, and presentation skills
  • Bachelor's degree from an accredited college or university in cybersecurity, computer science, or related field is preferred
  • Relevant security and GRC certifications, such as CISSP, CCSP, CSSLP, CGRC, CCSK, GSEC, GCIH, GCFE, GCFA, and CEH, are preferred
  • 4+ years of security experience or advanced degree + 2 years of security experience
  • Working understanding of security, assessment, risk management, and compliance frameworks (e.g., NIST 800-37, NIST 800-39, NIST 800-30, MITRE ATT&CK, ISO 27001, ISO 27005, NIST 800-53, SOC 2, PCI, FedRAMP) and how they are interrelated


  • Private medical insurance
  • Private dental insurance
  • Health Cash Plan
  • Life, income protection & critical illness insurance
  • Pension Plan
  • Equity awards
  • Enhanced Parental Leaves
  • Fitness reimbursement
  • Annual career development fund
  • Home office & work headphones reimbursement
  • Business travel accident insurance
  • Mental wellness resources
  • Employee referral bonus

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on TwitterLinkedIn and Facebook.

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.


If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.

To apply, and accept cookies